class UserController < ApplicationController
  def signin 
    if request.post? 
      user = Captain.find(:first, :conditions => ['email = ?', params[:email]]) 
      if user.blank? || 
        Digest::SHA256.hexdigest(params[:password] + user.password_salt) != user.password_hash 
        raise "Username or password invalid" 
      end 
      session[:user] = user.id 
      redirect_to :action => session[:intended_action], :controller => session[:intended_controller] 
    end 
  end   
  
  def signout 
    session[:user] = nil 
    redirect_to :controller => "maturin" 
  end
end
